|
2871
|
8.4 |
HIGH
Local
|
-
|
-
|
Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception ha…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25377
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2872
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can crea…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2018-25378
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2873
|
8.2 |
HIGH
Network
|
-
|
-
|
Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attacke…
|
CWE-89
SQL Injection
|
CVE-2018-25379
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2874
|
7.1 |
HIGH
Network
|
-
|
-
|
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_s…
|
CWE-89
SQL Injection
|
CVE-2018-25380
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2875
|
7.1 |
HIGH
Network
|
-
|
-
|
Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can injec…
|
CWE-89
SQL Injection
|
CVE-2018-25381
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2876
|
8.6 |
HIGH
Network
|
powerdns
|
authoritative
|
Insufficient Validation of Names During AXFR
|
CWE-77
Command Injection
|
CVE-2026-42000
|
2026-05-27 04:38 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2877
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Smartshop 1 contains a cross-site request forgery vulnerability that allows attackers to modify user profiles by tricking authenticated users into submitting malicious requests. Attackers can craft H…
|
CWE-352
Origin Validation Error
|
CVE-2018-25343
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2878
|
8.4 |
HIGH
Local
|
-
|
-
|
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2018-25344
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2879
|
8.4 |
HIGH
Local
|
-
|
-
|
10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25345
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2880
|
7.1 |
HIGH
Network
|
-
|
-
|
WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMa…
|
CWE-89
SQL Injection
|
CVE-2018-25346
|
2026-05-27 04:37 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
